Lucene search
+L

333 matches found

Chainguard
Chainguard
added 2026/05/16 1:18 a.m.13 views

GHSA-R5QW-5M8Q-6774 vulnerabilities

Vulnerabilities for packages: linux-aws, linux-vmware, linux-qemu, linux-gcp, linux-azure...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/05/16 1:18 a.m.9 views

GHSA-RC8C-94M4-FRFH vulnerabilities

Vulnerabilities for packages: linux-aws, linux-vmware, linux-qemu, linux-gcp, linux-azure...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/05/16 1:18 a.m.18 views

GHSA-585P-9MG2-6VMM vulnerabilities

Vulnerabilities for packages: linux-aws, linux-vmware, linux-qemu, linux-gcp, linux-azure...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/05/16 1:18 a.m.16 views

CVE-2026-43099 vulnerabilities

Vulnerabilities for packages: linux-aws, linux-vmware, linux-qemu, linux-gcp, linux-azure...

7.5CVSS7.2AI score0.0049EPSS
Exploits0
Snyk
Snyk
added 2026/05/11 9:0 p.m.12 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
OSV
OSV
added 2026/05/07 4:48 p.m.3 views

GHSA-GR3R-CRP5-QRRM Compromised tag of intercom-php published via GitHub

Impact On April 30, 2026, a malicious commit was pushed to the intercom/intercom-php repository and tagged as version 5.0.2, using a compromised service account github-management-service. This occurred as part of the same supply chain attack that affected intercom-client on npm. The malicious...

9.3CVSS5.8AI score
Exploits0References4
OSV
OSV
added 2026/05/07 6:31 a.m.8 views

GHSA-2MH5-3CW6-HRRQ Spring Cloud Config has an Authorization Bypass Through User-Controlled Key

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/07 3:55 a.m.8 views

CVE-2026-40981

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/07 3:55 a.m.80 views

CVE-2026-40981

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS0.00435EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/07 3:55 a.m.6 views

CVE-2026-40981

When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config server potentially exposing secrets from unintended GCP projects. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.11 views

VMware Spring Cloud Config 安全漏洞

VMware Spring Cloud Config is a configuration management solution for distributed systems developed by VMware, Inc. This product primarily provides server and client support for external configurations in distributed systems. There is a security vulnerability in VMware Spring Cloud Config, which...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.22 views

PT-2026-38329

Name of the Vulnerable Software and Affected Versions Spring Cloud Config versions 3.1.0 through 3.1.13 Spring Cloud Config versions 4.1.0 through 4.1.9 Spring Cloud Config versions 4.2.0 through 4.2.6 Spring Cloud Config versions 4.3.0 through 4.3.2 Spring Cloud Config versions 5.0.0 through 5.0...

7.5CVSS5.8AI score0.00435EPSS
Exploits0References10
Chainguard
Chainguard
added 2026/05/01 7:17 p.m.9 views

GHSA-GGGW-8CQ2-45CP vulnerabilities

Vulnerabilities for packages: linux-aws, linux-vmware, linux-qemu, linux-gcp, linux-azure...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/05/01 7:17 p.m.31 views

CVE-2026-31626 vulnerabilities

Vulnerabilities for packages: linux-aws, linux-vmware, linux-qemu, linux-gcp, linux-azure...

7.1CVSS5.1AI score0.00288EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/30 8:48 p.m.7 views

CVE-2026-3259

A Generation of Error Message Containing Sensitive Information vulnerability in the Materialized View Refresh mechanism in Google BigQuery on Google Cloud Platform allows an authenticated user to potentially disclose sensitive data using a crafted materialized view that triggers a runtime error...

7.1CVSS5.2AI score0.00226EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.11 views

PT-2026-34647

A Generation of Error Message Containing Sensitive Information vulnerability in the Materialized View Refresh mechanism in Google BigQuery on Google Cloud Platform allows an authenticated user to potentially disclose sensitive data using a crafted materialized view that triggers a runtime error...

7.1CVSS5.7AI score0.00226EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.5 views

PT-2026-32955

Name of the Vulnerable Software and Affected Versions OAuth2 Proxy versions prior to 7.15.2 Description A configuration-dependent authentication bypass exists in deployments using auth request-style integration, such as nginx auth request. The issue occurs when either the --ping-user-agent variab...

9.1CVSS5.8AI score0.00475EPSS
Exploits0References15
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.6 views

GHSA-PW2V-CMFH-X2P3 vulnerabilities

Vulnerabilities for packages: linux-aws, linux-vmware, linux-qemu, linux-gcp, linux-azure...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.6 views

GHSA-5R72-P4CV-H344 vulnerabilities

Vulnerabilities for packages: linux-aws, linux-vmware, linux-qemu, linux-gcp, linux-azure...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.7 views

GHSA-2MVM-XGM9-R324 vulnerabilities

Vulnerabilities for packages: linux-aws, linux-vmware, linux-qemu, linux-gcp, linux-azure...

5.3AI score
Exploits0
Rows per page
Query Builder